package com.taotao.tools.springmvc.xss;

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;

import javax.servlet.DispatcherType;

/**
 * <p>
 *   防止xxs的启动类,使用@Import来引入或spring.factories来引入
 * </p>
 *
 * @author youbeiwuhuan
 * @version 1.0.0
 * @date 2023/8/9 11:11
 */
public class XssConfig {

    /**
     * XSS 的Filter注入
     * 用来处理getParameter的参数
     * @return
     */
    @Bean
    public FilterRegistrationBean xssFilterRegistrationBean(){
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new XssFilter());
        filterRegistrationBean.setOrder(1);
        filterRegistrationBean.setDispatcherTypes(DispatcherType.REQUEST);
        filterRegistrationBean.setEnabled(true);
        filterRegistrationBean.addUrlPatterns("/*");
        return filterRegistrationBean;
    }
}
